package com.macaline.technology.shiro.realm;

import com.macaline.Golbal;
import com.macaline.bean.LoginUser;
import com.macaline.spring.SpringContext;
import com.macaline.entity.Permission;
import com.macaline.entity.Role;
import com.macaline.entity.User;
import com.macaline.service.perssion.RoleService;
import com.macaline.service.user.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;

public class LoginRealm extends AuthorizingRealm {


	/**
	 * 通过用户的角色权限为用户添加所拥有的权限信息
	 * 注：此方法是当用使用权限相关的之后才进行执行，项目启动的时候并不进行权限设定
	 * @param principals 登录用户的基本信息
	 * @return
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

		SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		// 获取当前正在登录的用户信息
		LoginUser loginUser = (LoginUser) principals.getPrimaryPrincipal();
		Integer roleId = loginUser.getUser().getRoleId();
		// 通过用户信息的角色信息查找该用户所拥有的权限
		RoleService roleService = SpringContext.getBean(RoleService.class);

		// 设置用户角色信息
		Role role = roleService.queryById(roleId);
		if(role == null){
			return null;
		}
		simpleAuthorizationInfo.addRole(role.getName());
		List<Permission> queryPermissionList = roleService.getPermssionByRoleId(roleId);
		if(queryPermissionList == null){
			return null;
		}
		// 对权限进行整理保存到shiro中
		List<String> permissionList = new LinkedList<String>();
		Iterator<Permission> iterator = queryPermissionList.iterator();
		String permission = null;
		while (iterator.hasNext()){
			permission = iterator.next().getProduce();
			permissionList.add(permission);
		}
		simpleAuthorizationInfo.addStringPermissions(permissionList);
		return simpleAuthorizationInfo;
	}

	/**
	 * 
	* <p>@author warm_joy </p>
	* <p>Description: 对用户进行密码验证</p>
	* <p>Date: 2019-06-29 15:32</p>
	* @param authToken 保存用户信息的指令
	* @return
	* @throws AuthenticationException
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken) throws AuthenticationException {
		
		
		UsernamePasswordToken token = (UsernamePasswordToken) authToken;
		//得到用户名
		String userName = (String) token.getUsername();
		//得到userService
		UserService userService = SpringContext.getBean(UserService.class);
		//得到roleService
		RoleService roleService = SpringContext.getBean(RoleService.class);
		//通过用户名得到用户
		User user = userService.getByUserName(userName);
		if(user != null) {
			//建立一个升级后的User类
			LoginUser loginUser = new LoginUser();
			loginUser.setUser(user);

			char[] passwordChar = token.getPassword();
			String md5Password = new Md5Hash(String.valueOf(passwordChar).toString(), user.getSalt(), Golbal.USER_PASSWORD_MD5_HASHITERATIONS).toString();
			SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
					loginUser, md5Password,ByteSource.Util.bytes(user.getSalt()), getName());
			return simpleAuthenticationInfo;
		}
		return null;
	}

	public static void main(String[] args) {
		String md5Password = new Md5Hash(String.valueOf("123456").toString(), "1234", Golbal.USER_PASSWORD_MD5_HASHITERATIONS).toString();
		System.out.println(md5Password);
	}

}
